Skip to main content

API key

Every request to https://api.pmxt.dev needs a Bearer token. Get one from pmxt.dev/dashboard — it works immediately. 
Authorization: Bearer pmxt_live_...
X-Api-Key: pmxt_live_... also works as a fallback, but Bearer is canonical and what every SDK sends.

SDK setup

Set PMXT_API_KEY and the SDK automatically routes to the hosted endpoint. No code changes versus local development. 
import os, pmxt
os.environ["PMXT_API_KEY"] = "pmxt_live_..."

poly = pmxt.Polymarket()   # -> https://api.pmxt.dev
Or pass it directly:
poly = pmxt.Polymarket(pmxt_api_key="pmxt_live_...")
Explicit argument takes precedence over the environment variable.

Venue credentials

In hosted mode, trade writes use PMXT’s PreFundedEscrow custody plus a locally-signed EIP-712 payload. You pass your pmxt_api_key, the wallet address you trade from, and a private key used only for local signing — the private key never leaves your machine, and PMXT custodies USDC in the escrow contract on your behalf. 
import pmxt

client = pmxt.Polymarket(
    pmxt_api_key="pmxt_live_...",
    wallet_address="0xYourWallet...",
    private_key="0xYourPrivateKey...",
)

# One-time: approve + deposit USDC into PreFundedEscrow
deposit_tx = client.escrow.deposit_tx(amount=10.0)
# (sign + broadcast deposit_tx with your wallet library)
See Trading quickstart for the full 60-second flow and Escrow lifecycle for the approve / deposit / withdraw mechanics. Hosted writes today: Polymarket and Opinion.

Self-hosted / direct venue credentials (advanced)

When you run pmxt-core locally, or when you need a venue that hosted writes don’t yet support, you pass venue-native credentials (Polymarket private key, Kalshi RSA, Smarkets session, etc.) directly: 
order = poly.create_order(
    outcome=market.yes,
    side="buy",
    type="limit",
    price=0.42,
    amount=100,
)
PMXT never stores venue credentials. They are forwarded to the venue and dropped when the call completes.
Some venues (Polymarket, Limitless, Probable, Opinion, Baozi) require raw wallet private keys with full fund control. Use a dedicated trading wallet and read Security & Credential Handling before passing private keys to PMXT — hosted or self-hosted.

Rotating keys

Rotate immediately if you suspect a key is exposed. Old keys are revoked atomically — in-flight requests with the old key are rejected within 60 seconds.
  1. Create a new key from the dashboard.
  2. Deploy the new key to your application.
  3. Revoke the old key once traffic has drained.
All revocations are logged under Settings > Audit Log.

Errors

StatusBodyMeaningSDK exception
401{"error": "missing api key"}No Authorization header on the request.InvalidApiKey
401{"error": "invalid api key"}Key unknown, revoked, or expired.InvalidApiKey
429{"error": "rate_limit_exceeded", ... }See Plans & Limits.RateLimitExceeded
See API Reference / Errors for the full error class hierarchy.